Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932169AbbGCTEh (ORCPT <rfc822;w@1wt.eu>);
	Fri, 3 Jul 2015 15:04:37 -0400
Received: from bombadil.infradead.org ([198.137.202.9]:46602 "EHLO
	bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755340AbbGCTE3 (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Fri, 3 Jul 2015 15:04:29 -0400
Date: Fri, 3 Jul 2015 21:04:20 +0200
From: Peter Zijlstra <peterz@infradead.org>
To: eranian@gmail.com
Cc: Vince Weaver <vincent.weaver@maine.edu>,
        LKML <linux-kernel@vger.kernel.org>, Ingo Molnar <mingo@redhat.com>,
        Arnaldo Carvalho de Melo <acme@kernel.org>, kan.liang@intel.com
Subject: Re: perf: fuzzer triggered warning in intel_pmu_drain_pebs_nhm()
Message-ID: <20150703190420.GS3644@twins.programming.kicks-ass.net>
References: <alpine.DEB.2.20.1507021111380.14637@vincent-weaver-1.umelst.maine.edu>
 <20150703131336.GI19282@twins.programming.kicks-ass.net>
 <CAMsRxfJurCVcQD5642R10SP70XuXxTes3CyKrrD5owu39f_AXg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAMsRxfJurCVcQD5642R10SP70XuXxTes3CyKrrD5owu39f_AXg@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2012-12-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1782
Lines: 52

On Fri, Jul 03, 2015 at 08:56:57PM +0200, Stephane Eranian wrote:
> Where do you see that we use cpuc->pebs_enabled after clearing it
> in pebs_disable() to check for overflow or active in drain_pebs()?
> I only see it used in get_next_pebs_record_by_bit()?


| static inline bool pebs_is_enabled(struct cpu_hw_events *cpuc)
| {
|         return (cpuc->pebs_enabled & ((1ULL << MAX_PEBS_EVENTS) - 1));
| }


| void intel_pmu_pebs_disable(struct perf_event *event)
| {
|         struct cpu_hw_events *cpuc = this_cpu_ptr(&cpu_hw_events);
|         struct hw_perf_event *hwc = &event->hw;
|         struct debug_store *ds = cpuc->ds;
| 
|         cpuc->pebs_enabled &= ~(1ULL << hwc->idx);

Here we clear it...

|         if (event->hw.flags & PERF_X86_EVENT_PEBS_LDLAT)
|                 cpuc->pebs_enabled &= ~(1ULL << (hwc->idx + 32));
|         else if (event->hw.flags & PERF_X86_EVENT_PEBS_ST)
|                 cpuc->pebs_enabled &= ~(1ULL << 63);
| 
|         if (ds->pebs_interrupt_threshold >
|             ds->pebs_buffer_base + x86_pmu.pebs_record_size) {
|                 intel_pmu_drain_pebs_buffer();

Here we drain the buffer; which uses ->pebs_enabled

|                 if (!pebs_is_enabled(cpuc))

And here we test it

|                         perf_sched_cb_dec(event->ctx->pmu);
|         }
| 
|         if (cpuc->enabled)
|                 wrmsrl(MSR_IA32_PEBS_ENABLE, cpuc->pebs_enabled);
| 
|         hwc->config |= ARCH_PERFMON_EVENTSEL_INT;
| }

That said, its far too warm and I might just not be making sense.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/